<?PHP
include("settingsInc.php");

	$modeMain = mysql_real_escape_string($_GET['requestType']);
	$account = mysql_real_escape_string($_GET['accountID']);

	//TODO: PREVENT INJECTION

	switch($modeMain)
	{
		case "getAccountDetails": //If account doesnt exist with given ID, create.
		$query = 'select * from account
				  WHERE accountID = '.$account;
		break;

		case "updateUsername":
		$query = 'UPDATE ...
				  WHERE accountID = '.$account;
		break;

		case "updatePosition":
		$query = 'UPDATE ...
				WHERE accountID = '.$account;
		break;

		case "getAllPOIs":
		$query = 'select * from poi';
		break;

		case "getAllDayEvents":
		$query = 'select * from event';
		break;

		case "getCurrentDayEventsPOIID":
		$query = 'select distinct id_poi from event
				  WHERE NOW() <= date_end AND NOW() >= date_start';
		break;

		case "getSpecificEventDetails":
		$modeAlt = mysql_real_escape_string($_GET['eventID']);
		$query = 'select * from event
				  WHERE id = '.$modeAlt;
		break;

		case "getSpecificEventDetailsPOI":
		$modeAlt = mysql_real_escape_string($_GET['poiID']);
		$query = 'select * from event
				  WHERE NOW() <= date_end AND NOW() >= date_start AND id_poi = '.$modeAlt;
		break;

		case "attendEvent":
		$modeAlt = mysql_real_escape_string($_GET['eventID']);
		$query = '';
		break;

		case "getLeaderBoard":
		$query = 'select * from account'; //USE SUM FROM ACCOUNT ATTENDED TABLE
		break;

		default:
		echo "INVALID COMMAND";
		break;
	}

    $res = mysql_query($query);
    // iterate over every row
    while ($row = mysql_fetch_assoc($res)) {
        // for every field in the result..
        for ($i=0; $i < mysql_num_fields($res); $i++) {
            $info = mysql_fetch_field($res, $i);
            $type = $info->type;

            // cast for real
            if ($type == 'real')
                $row[$info->name] = doubleval($row[$info->name]);
            // cast for int
            if ($type == 'int')
                $row[$info->name] = intval($row[$info->name]);
        }

        $rows[] = $row;
    }

    // JSON-ify all rows together as one big array
    echo json_encode($rows);

mysql_close();
?>